Commentaires 0

Retranscription du document

Each of the following is a layer that protects information security except

a.

products

b.

people

c.

communication

d.

procedures

2.

Each of the following is a reason why security is becoming increasingly difficultexcept

a.

speed of attacks

b.

slower processors

c.

sophistication of attacks

d.

faster detection of weaknesses

3.

_____ is a category of attacker who only wants to expose security flaws.

a.

hacker

b.

cracker

c.

employee

d.

spy

4.

Guarding the availability of information is achieved by

a.

access control

b.

closed system authentication

c.

wireless protection environment (WPE)

d.

frame count check (FCC)

5.

_____ is the science of transforming information so that it is secure while it isbeing transmitted or stored

a.

Default key transformation (DKT)

b.

Access control

c.

Steganography

d.

Cryptography

6.

Cryptography depends upon the process called analgorithm

that uses acipher.True

orFalse?

7.

Using the same (shared) secret key to both encrypt as well as decrypt is calledprivate key cryptography or symmetric encryption algorithms.

Trueor False?

8.

WEP keys must be a minimum of 1,664 bits in length.True

orFalse?

9.

WEP can support up to 32 keys, but only one of which can be the default key.True

orFalse?

10.

Theinitialization vector (IV)

is a 24-bit value that changes each time a packet isencrypted.True

orFalse?

11.

The output of thepseudo-random number generator (PRNG)is the_____.keystream

12.

The _____ is added to the front (“pre-pended”) of the ciphertext and is inplaintext and is not encrypted.initialization vector (IV)

13.

RC4 is astream

_____that accepts keysup to 128 bits in length

and takes onecharacter and replaces it with one character.cipher

14.

In order for an attacker to be authenticated he only has to discover the _____.SSID

15.

In a(n) _____ attack

an attacker attempts to create every possiblekeycombinationby systematically changing one character at a time in a possibledefault key, andthen using each newly generatedkeytodecrypt a message.brute force

16.

Explain how WEP violates the “cardinal rule” of cryptography.

A

mathematical key that creates a detectable pattern or structure provides anattacker with valuable information to break the encryption (keys that create thistype of repeating pattern are known as weak keys). The implementation of WEPcreates a detectable pattern for attackers.

IV’s are 24-bit numbers, meaning thereare 16,777,216 possible values.

An AP transmitting at only 11 Mbps can send andreceive 700 packets each second.

If a different IV were used for each packet, thenthe IVs would start repeating in fewer than seven hours (a “busy” AP can produceduplicates in fewer than five hours).

An attacker who captures packets for thislength of time can see the duplication and use it to crack the code.

17.

What is a man-in-the-middle attack and how can one be launched against awireless network?

Man-in-the-middle attacks on computer information are common attacker tools.This type of attack makes it seem that two computers are communicating with eachother, when actually they are sending and receiving data with a computer betweenthem, or the “manin the middle.” In Figure 8-15, Computer A and Computer B arecommunicating without recognizing that an attacker, as the man in the middle, isintercepting their transmissions.

Man-in-the-middle attacks can be active orpassive. In a passive attack, the attacker captures the sensitive data that is beingtransmitted and then sends it on to the original recipient without his presence beingdetected. In an active attack, the contents of the message are intercepted and alteredbefore they are sent on. On wireless networks, man-in-the-middle attacks arecommonly done by attackers setting up a “fake” access point.

An attacker sets uphis own AP and tricks all wireless devices to communicate with the imposter accesspoint instead of the legitimate AP.

18.

List two ways in which a denial of service (DoS) attack can be launched against aWLAN.

One type of wireless DoS attacks requires an attacker to flood the radio frequencyspectrum with noise (called jamming) that makes it appear that there is legitimatetraffic being

transmitted.

Because WLANs use Carrier Sense MultipleAccess/Collision Avoidance, which requires all devices to listen before transmitting,jamming will prevent any wireless device from transmitting. Another wireless DoSattack can be launched against a single wireless device.

An attacker can send aseries of disassociation frames to a wireless device, forcing it to disassociate and thenattempt to reassociate with the access point.

19.

Explain how an attacker can force a renegotiation to capture an SSID.

Ifan attacker cannot capture an initial negotiation process, it can force one to occur.An attacker can pretend to be an access point and send a forged disassociationframe to a wireless device.

This will cause the device to disassociate from the accesspoint.

However, the device will then immediately attempt to reconnect to the AP, atwhich time the attacker can be capturing packets and see the SSID transmitted inplaintext.

20.

What is a dictionary attack?

Unlike a brute force attack in which all possible combinations are used, a dictionaryattack takes each word from a dictionary and encodes it in the same way thepassphrase was encoded. Attackers then compare the encoded dictionary wordsagainst those in the encrypted frame. When attackers find a match, theyknowwhich dictionary word made up the passphrase.